一次虚拟机 (virtual box + vagrant + homestead) 崩溃与 debug 的过程

原先虚拟机架构

Win 10 专业版

Vagrant:2.2.12(最新)

Virtual Box:6.1.16(最新)

解决时:

Win 10 2019 ltsc

Vagrant:2.2.12(最新)

Virtual Box:6.1.16(最新)

解决办法:显卡驱动回退

问题

某次重启后虚拟机无法打开

虚拟机内核级别的崩溃,尚未进入其系统

vagrant 报错信息:

There was an error while executing VBoxManage, a CLI used by Vagrant for controlling VirtualBox. The command and stderr is shown below.

Command: [“startvm”, “966fd2e6-c0e0-4b1e-8cdd-e9c5305bed08”, “–type”, “headless“]

Stderr: VBoxManage.exe: error: The virtual machine ‘new_default_1518243933264_77412’ has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in ‘C:\Users\mafei\VirtualBox VMs\new_default_1518243933264_77412\Logs\VBoxHardening.log’ VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component MachineWrap, interface IMachine

virtual box 报错信息:

The virtual machine ‘ubuntu’ has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in ‘C:\Users\Chopto\VirtualBox VMs\ubuntu\Logs\VBoxHardening.log’.

Result Code: E_FAIL (0x80004005) Component: MachineWrap Interface: IMachine {b2547866-a0a1-4391-8b86-6952d82efaa0}

错误分析与排查

直接在 stack overflow 查询报错信息并未有直接收获

内核级别的错误因为过于复杂,寻找症结非常困难,先从程序的调用顺序尝试

vagrant 的 headless 模式启动了 VBoxManage,进而引发报错,初步推测问题出在 virtual box 身上,基本排除 vagrant 配置问题(仍考虑版本适配性与兼容性问题)

排查 virtual box log,发现几条有价值的信息:

NtOpenDirectoryObject failed on \Driver: 0xc0000022

Error -104 in supR3HardenedWinReSpawn! (enmWhat=5)

Error relaunching VirtualBox VM process: 5

supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0

发现了一条重要线索:virtual box 打开 system32 下的 wintab32.dll 报 error 级别的错,说明 virtual box 需要的动态库未得到满足

可能的问题

注册表污染

动态库缺失

动态库抢占

动态库污染

尝试解决问题

提到了注册表污染的问题,尝试重做系统,保守选用 win 10 2019 ltsc,安装后恢复正常,但安装几个软件后重启立刻再次崩溃

基本排除注册表问题,寻找 dll 的可能性

官方 FAQ 中,提及:HARDENING ISSUE 不应被看作 bug,而应思考 dll 的注入问题 (This was introduced to guard against the possibility that malware running on the HOST could inject a DLL)

下面提及了几种可能性:

  • Graphics drivers (e.g. from NVidia) may inject a DLL which filters graphics function calls to the host OS, redirecting them from software to hardware accelerated versions. VirtualBox VMs use OpenGL, which is precisely the main API that most benefits from this.

  • Unofficial Windows Theme providers often use hacked versions of the Windows theme DLL (uxtheme.dll).

  • Accessibility tools designed to help partially sighted people sometimes inject themselves into standard apps in order to speak the text, force high contrast colors etc.

  • Antivirus software is invasive by its very nature, with behaviour hard to distinguish from malware.

  • Many others.

官方关于 0x1 报错:

Error Symptom 1: Exit with error code 1

This seems to have several causes, but one of the main ones seems to be that some DLL that VirtualBox requires has failed to load. That probably indicates corruption somewhere. Sometimes you find an error related to USER32.DLL in the hardening log. This may be fixed by running “sfc /scannow” in an administrator command prompt window.

See also the “More than one thread in process” note in the previous post.

这两个文档指向了某些自动安装的驱动(尤其是影响系统的)!

查找安装时间,发现下载的 GeForce Experience 自动更新了显卡驱动(461.09),尝试回退到(456.71),完全解决问题,再次重启虚拟机仍照常启动

猜测显卡驱动更新对核心 dll 产生影响

一些收获

耐得烦仔细查 log 总会有收获

以下链接有所帮助:

stackoverflow.com/questions/393453...

stackoverflow.com/questions/522692...

stackoverflow.com/questions/605824...

forums.virtualbox.org/viewtopic.ph...

forums.virtualbox.org/viewtopic.ph...
注:如果电脑上安装过老版本的virtualbox,卸载后会有驱动残留,需要将老的驱动删除后才能安装新版本的virtualbox。于是按照论坛上的建议,先卸载软件,然后删除了C:\Windowns\System32\drivers 目录下所有以VBox开头的文件

本作品采用《CC 协议》,转载必须注明作者和本文链接
一只热爱编程的松鼠
《L01 基础入门》
我们将带你从零开发一个项目并部署到线上,本课程教授 Web 开发中专业、实用的技能,如 Git 工作流、Laravel Mix 前端工作流等。
《L03 构架 API 服务器》
你将学到如 RESTFul 设计风格、PostMan 的使用、OAuth 流程,JWT 概念及使用 和 API 开发相关的进阶知识。
讨论数量: 0
(= ̄ω ̄=)··· 暂无内容!

讨论应以学习和精进为目的。请勿发布不友善或者负能量的内容,与人为善,比聪明更重要!